package com.xiaoyi.config;

import com.xiaoyi.common.security.*;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.annotation.Resource;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private LoginSuccessHandler loginSuccessHandler;

    @Resource
    private LoginFailureHandler loginFailureHandler;

    @Resource
    private JwtLogoutSuccessHandler logoutSuccessHandler;

    @Resource
    private MyUserDetailsServiceImpl myUserDetailsService;

    private static final String[] URL_WHITELIST = {
            "/login",
            "/logout",
            "/image/**",
            "/test/**",
            "/captcha",
            "/password"
    };

    @Bean
    JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {
        return new JwtAuthenticationFilter(authenticationManager());
    }

    @Bean
    BCryptPasswordEncoder bCryptPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(myUserDetailsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 开启跨域 以及关闭csrf攻击
        http
            .cors()
        .and()
            .csrf()
            .disable()
    // 登录登出配置 添加登录登出处理器
            .formLogin()
            .successHandler(loginSuccessHandler)
            .failureHandler(loginFailureHandler)
        .and()
            .logout()
            .logoutSuccessHandler(logoutSuccessHandler)
    // session禁用配置
        .and()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 无状态
    // 拦截规则配置
        .and()
            .authorizeRequests()
            .antMatchers(URL_WHITELIST).permitAll() // 放行白名单
            .anyRequest().authenticated()
    // 异常处理配置

    // 自定义过滤器配置
        .and()
            .addFilter(jwtAuthenticationFilter());
    }

//    /**
//     * @description 忽略websocket拦截
//     * @param web security配置
//     * @author 小易
//     * @date 2022/12/8 15:46
//     */
//    @Override
//    public void configure(WebSecurity web) throws Exception {
//        web.ignoring().antMatchers("/ws/**");
//    }
}
